Lucene search

PRIOn knowledge basePRION:CVE-2007-0012

HistoryJan 09, 2008 - 11:46 p.m.

Null pointer dereference

2008-01-0923:46:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

77.5%

JSON

Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer crash) via an object tag with an encoded applet and an undefined name attribute, which triggers a NULL pointer dereference in jpiexp32.dll when the applet is decoded and passed to the JVM.

CPENameOperatorVersion
jrele1.5.0
jrele1.5.0
jrele1.5.0
jrele1.5.0
jrele1.5.0
jrele1.5.0
jrele1.5.0

Name	Operator	Version
jre	le	1.5.0
jre	le	1.5.0
jre	le	1.5.0
jre	le	1.5.0
jre	le	1.5.0
jre	le	1.5.0
jre	le	1.5.0

References

securityreason.com/securityalert/3527

www.securityfocus.com/archive/1/485942/100/0/threaded

www.securityfocus.com/bid/27185

exchange.xforce.ibmcloud.com/vulnerabilities/39549

6.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

77.5%

JSON

Related for PRION:CVE-2007-0012